Markdown Version | Session Recording

Session Date/Time: 30 Mar 2023 06:00

mls

Summary

This MLS working group meeting covered the status of the protocol and architecture drafts, interop testing, and several extension proposals. Key topics included the progress of the MLS protocol towards RFC publication, addressing open issues in the architecture document, and discussions around federation, safe extensions, content advertisement, and trust anchors. A new proposal for handling leave operations, addressing challenges related to external commits, was also introduced.

Key Discussion Points

• MLS Protocol Draft Status: Approved and in the RFC editor queue.
• MLS Architecture Draft Status: Requires updates to address reviewer concerns. Decker is leading efforts to provide the updates.
• Interop Testing: Full interop achieved between MLS implementations from Webex and Wicker. Six implementations are involved in testing. Test vectors and live testing frameworks are being used.
• Federation Document: Status remains stable, awaiting developments in the MIME working group. Potential for non-MIME use cases involving standard DS APIs.
• Extensions Document: Becoming more structured. Flexible wire formats and labels have been added. Content advertisement extension and grouped extensions proposals are being considered.
• Safe Extensions: Proposal for a safe extension API to provide structure and security guarantees for extensions, ensuring they don't compromise core MLS security or conflict with each other. Registration with IANA is required.
• Content Advertisement: Two extensions: one for accepted media types in leaf nodes and another for required media types in the group context. Uses an application framing mechanism.
• Group Trust Anchors: Extension proposal to restrict trust anchors for identity validation in federated environments. Concerns raised about complexity and potential for issues similar to those encountered with HPKP.
• Leave Proposal: Discussion on a new leave proposal to address issues with external commits and the inability for clients to reliably remove themselves from groups.

Decisions and Action Items

• Architecture Draft: Decker to lead efforts to provide updates to address reviewer concerns.
• Interop Testing: Richard to provide the Google spreadsheet tracking test vector results in the mailing list.
• Group Trust Anchors: Ron to post literature regarding SPKI and HPKP for reference.
• Leave Proposal: Ron to work with other interested parties to write up an Internet draft concrete proposal, with a security evaluation.

Next Steps

• Await RFC publication of the MLS protocol draft.
• Address open issues and advance the MLS architecture draft.
• Continue interop testing efforts.
• Monitor developments in the MIME working group to determine the future of the federation document.
• Further develop and refine the safe extension API proposal.
• Evaluate the feasibility and security implications of the leave proposal.
• Consider the potential for an extension addressing operational requirements and policy agreement.